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IN THE CLAIMS 

1 . (Currently Amended) A data processing device comprising: 

a data storage means for storing an access permission table stored in media; 
a memory interface unit for accessing said data storage means; and 
a control unit for controlling said memory interface unit; 
wherein: 

W an the access permission table which is stored in a data storage area in said data storage 

means is set in said memory interface unit; and 

in response to an access command to access said data storage means, which is issued by 
said control unit, said memory interface unit determines, by referring to the access permission 
table, whether or not to execute the access command, whereby processing which is set 
executable by the access permission table is only executed. 

2. (Original) A data processing device according to Claim 1, wherein: 

the data storage area in said data storage means is a flash memory having a plurality of 
blocks, each of which consists of a plurality of sectors which each have a predetermined data 
capacity; 

in the access permission table, permission information on block-unit data processing is 
set; and 

in accordance with the set permission information, said memory interface unit includes 
means for determines whether or not the block-unit data processing can be executed. 

3. (Original) A data processing device according to Claim 1, wherein: 
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only when a type of processing corresponding to the access command from said control 
unit is within a range of processing types which are set executable by the access permission table 
does said memory interface unit execute the type of processing, and sets a process-success flag in 
accordance with a success of the processing in said memory interface unit; and 

said control unit executes processing thereof on condition that the setting of the process- 
success flag in said memory interface unit is verified. 

4. (Original) A data processing device according to Claim 1 , wherein: 

when the access command designates a data- file reading process, said control unit 
executes a process in which the address of a data file to be read is selected from a file allocation 
table corresponding to the data storage area in said data storage means and is transmitted to said 
memory interface unit; and 

after receiving the address of the data file, said memory interface unit determines, by 
using the received address to refer to the access permission table, whether or not an address- 
assigned area having the address is a data-readable area, and only when the address-assigned 
area is a data-readable area does said memory interface unit execute the data-file reading 
process. 

5. (Original) A data processing device according to Claim 1, wherein: 

when the access command designates a data-file writing process, said control unit 
executes a process in which the address of a data file to be written is selected from the data 
storage area in said data storage means and is transmitted as a write address to said memory 
interface unit; and 
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after receiving the write address, said memory interface unit determines, by using the 
received write address to refer to the access permission table, whether or not an address-assigned 
area having the write address is data-writable area, and only when the address-assigned area is a 
data- writable area does said memory interface unit execute the data-file writing process. 

6. (Original) A data processing device according to Claim 1, wherein: 



in the access permission table, in the form of additional data, an integrity check value 
which is generated based on data in the access permission table is included as a check value for 
verifying whether or not the data in the access permission table is interpolated; 

said memory interface unit includes a cryptosystem unit for, based on the integrity check 
value, executing the integrity checking of the access permission table; and 

when said cryptosystem unit determines that the access permission table has not been 
interpolated, the access permission table is set in said memory interface unit, and data processing 
is executed based on the determination of access permission in accordance with the set access 
permission table. 

7. (Original) A data processing device according to Claim 1, wherein: 

in the access permission table, in the form of additional data, an integrity check value 

which is generated based on data including data in the access permission table and an identifier 

unique to said data storage means is included as a check value for verifying whether or not the 

data in the access permission table is interpolated; 

the verification based on the integrity check value by said memory interface unit is 

executed as the verification of whether or not the access permission table is stored in valid 
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media, in addition to the verification of whether or not the data in the access permission table is 
interpolated; and 

when verifying the validity of storage, the access permission table is set in said memory 
interface unit, and data processing is executed based on the determination of access permission 
in accordance with the set access permission table. 



8. (Original) A data processing device according to Claim 1, wherein, when mutual 
authentication is established as a result of mutual authentication with said data storage means, 
the access permission table, which is stored in the memory of said data storage means, is set in 
said memory interface unit. 



9. (Original) A data processing device according to Claim 1, wherein: 

said data storage means is a flash memory having a data storage area which has a 

plurality of blocks, each of which consists of a plurality of sectors in which each of the sectors 

has a predetermined data capacity; 

in the access permission table, either information on whether or not block-unit data 

erasure can be performed or information on whether or not block-unit data playback can be 

performed is set; and 

in accordance with either information set in the access permission table, said memory 
interface unit determines whether or not block-unit data processing can be executed. 
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10. (Original) A data storage device comprising a data storage area consisting of a 
plurality of blocks, each of which consists of a plurality of sectors which each have a 
predetermined data capacity, 

wherein, in said data storage area, an access permission table in which permission 
information on block-unit data processing in the data storage area is set is stored. 

1 1 . (Original) A data storage device according to Claim 10, wherein data-processing- 
permission information on blocks of the data storage area in which the access permission table is 
stored is set to indicate that the blocks are treated as an erasure-prevented area. 

12. (Original) A data storage device according to Claim 10, further comprising a 
cryptosystem unit for executing mutual authentication with a data processing device which 
performs data transfer to said data storage device, 

wherein, when the mutual authentication is established, a process which transfers the 
access permission table to said data processing device is executed. 

1 3 . (Currently Amended) A data processing method for a data processing device 
comprising a data storage means for storing an access permission table stored in media, a 
memory interface unit for accessing said data storage means^ and a control unit for controlling 
said memory interface unit, wherein said memory interface unit performs the steps of; 

setting therein m the access permission table which is stored in a data storage area in said 
data storage means; 
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determining, by referring to the access permission table in response to an access 
command to access said data storage means, whether or not to execute the access command; and 
executing only a process which is set executable by the access permission table. 

14. (Original) A data processing method according to Claim 13, 
wherein: 



the data storage area in said data storage means is a flash memory having a plurality of 
blocks, each of which consists of a plurality of sectors which each have a predetermined data 
capacity; 



in the access permission table, permission information on block-unit data processing is 
set; and 

in accordance with the set permission information, said memory interface unit includes 
means for determines whether or not the block-unit data processing can be executed. 

15, (Original) A data processing method according to Claim 13, 
wherein: 

only when a type of processing corresponding to the access command from said control 
unit is within a range of processing types which are set executable by the access permission table 
does said memory interface unit execute the type of processing, and sets a process-success flag in 
accordance with a success of the processing in said memory interface unit; and 

said control unit executes processing thereof on condition that the setting of the process- 
success flag in said memory interface unit is verified. 
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16. (Original) A data processing method according to Claim 13, 
wherein: 

A^hen the access command designates a data-file reading process, said control unit 
executes a process in which the address of a data file to be read is selected from a file allocation 
table corresponding to the data storage area in said data storage means and is transmitted to said 
memory interface unit; and 

after receiving the address of the data file, said memory interface unit determines, by 
using the received address to refer to the access permission table, whether or not an address- 
assigned area having the address is a data-readable area, and only when the address-assigned 
area is a data-readable area does said memory interface unit execute the data-file reading 
process. 

17. (Original) A data processing method according to Claim 13, 
wherein: 

when the access command designates a data-file writing process, said control unit 
executes a process in which the address of a data file to be written is selected from the data 
storage area in said data storage means and is transmitted as a write address to said memory 
interface unit; and 

after receiving the write address, said memory interface unit determines, by using the 
received write address to refer to the access permission table, whether or not an address-assigned 
area having the write address is data-writable area, and only when the address-assigned area is a 
data-writable area does said memory interface unit execute the data-file writing process. 
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18. (Original) A data processing method according to Claim 13, 
wherein: 

in the access permission table, in the form of additional data, an integrity check value 
which is generated based on data in the access permission table is included as a check value for 
verifying whether or not the data in the access permission table is interpolated; and 

said memory interface unit executes the steps of: 

executing, based on the integrity check value, the integrity checking of the access 
permission table; 

setting the access permission table in said memory interface unit when it is determined 
that the access permission table has not been interpolated; and 

executing data processing based on the determination of access permission in accordance 
with the set access permission table. 

19. (Original) A data processing method according to Claim 13, 
wherein: 

in the access permission table, in the form of additional data, an integrity check value 
which is generated based on data including data in the access permission table and an identifier 
unique to said data storage means is included as a check value for verifying whether or not the 
data in the access permission table is interpolated; and 

said memory interface unit executes the steps of: 

executing the verification based on the integrity check value as the verification of 
whether or not the access permission table is stored in valid media, in addition to the verification 
of whether or not the data in the access permission table is interpolated; 
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setting therein the access permission table when the validity of storage is verified; and 
executing data processing based on the determination of access permission in accordance 
with the set access permission table. 

20. (Original) A data processing method according to Claim 13, wherein, when mutual 
authentication is established as a result of mutual authentication with said data storage means, 
the access permission table, which is stored in the memory of said data storage means, is set in 
said memory interface unit. 

21. (Original) A data processing method according to Claim 13, wherein: 

said data storage means is a flash memory having a data storage area which has a 
plurality of blocks, each of which consists of a plurality of sectors in which each of the sectors 
has a predetermined data capacity; 

in the access permission table, either information on whether or not block-unit data 
erasure can be performed or information on whether or not block-unit data playback can be 
performed is set; and 

in accordance with either information set in the access permission table, said memory 
interface unit determines whether or not block-unit data processing can be executed. 

22. (Currently Amended) A program providing medium for providing a computer 
program which controls a computer system to execute data processing by a data processing 
device comprising a data storage means for storing an access permission table stored in media, a 
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memory interface unit for accessing said data storage means A and a control unit for controlling 
said memory interface unit, 

wherein the computer program comprises the steps of: 

setting an the access permission table which is stored in a data storage area in said data 
storage means; 

determining, by referring to the access permission table in response to an access 
command to access said data storage means, whether or not to execute the access command; and 
executing only a process which is set executable by the access permission table. 
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